Public API that does not require auth

It would be great if you don't need to authenticate for accessing some API properties for public projects.

This for instance for app devs: #4205 (closed)

Endpoints:

• API::Projects: !7843 (merged)
• API::Tags: !7896 (merged)
• API::Repositories: !8148 (merged)
• API::Files: !8149 (merged)

mentioned in issue #4205 (closed)

mentioned in issue #14213 (moved)

FYI, @MaxN started this in gitlab-org/gitlab-ce!5572

Mentioned in issue #22314 (closed)

Mentioned in issue #23385 (closed)

Added ~13884 label

I'd also like to see a public API. For my use case it would be to fetch the project readme file. For a workflow I am trying to use, I want to be able to fetch the public README file without any authentication. For example, GitHub provides a url, e.g. https://api.github.com/repos/acgd-webdev-1/submit-github-account/readme which provides a base64 encoded version of a project readme.

I think we should do this sooner rather than later.

@rymai What is the status of https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5572? Depending on that, I may schedule this for %8.15 or 8.16.

Added ~480950 label

Milestone changed to %29

I have spent six hours in one day a few days ago (along with another instance or two before) debugging problems with Composer (PHP package manager) and Gitlab integration. It all revolves around public projects not having public API access. Most developers that hit this problem, won't spend time figuring it out they'll just go to Github where it "just works". The work-around for development is to --prefer-source in my instance so Composer uses git directly instead of any APIs provided by the hosts. Which, is not always what you want went testing what a normal developer will hit.

This should be a high priority to try and get more public projects in the community hosted with Gitlab.

Yeah, i just did exactly that, hit the road block, spent some time on it until i figured out its a gitlab limitation, and moved my public repos to github.

Its a pity cozz i really like the integration with CI.

Mentioned in merge request !7843 (merged)

@DouweM I think !5572 (closed) is actually doing too much (https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5572#note_19235113), I've reopened a new MR at !7843 (merged) which is focused on using a boring/simple solution for the Project API only (for now, but once approved and merged we can do it for all the other endpoints one by one).

Milestone changed to %8.15

Reassigned to @rymai

@rymai OK, after projects, can we prioritize the other ones that have been explicitly requested?

@DouweM Definitely, the next endpoint should be API::Files since it has been requested to be able to retrieve a README from public projects.

mentioned in commit 71ba28e4

@rymai Is there an issue for a public readme? https://gitlab.com/gitlab-org/gitlab-ce/issues/23385 has 7 upvotes, and https://gitlab.com/gitlab-org/gitlab-ce/issues/22314 has 2.

mentioned in merge request !7896 (merged)

mentioned in commit 50a78448

marked the checklist item API::Projects: !7843 (merged) as completed

marked the checklist item API::Tags: !7896 (merged) as completed

@rymai I can't quite tell: is this issue about allowing non-authorized API calls on a user's own projects? Or for any public projects anywhere?

For example, I've been wanting to create a utility CLI that needs to gather information about current merge requests open on the GitLab CE project on GitLab.com. As far as I can tell, the only projects the public API returns are my own projects.

Am I correct in thinking that what I'm trying to do is currently not allowed?

@brycepj It opens endpoints that don't require authentication. I need to add documentation to make this clear.

That said, for your use-case you'll be able to use the GET /projects/visible endpoint (https://docs.gitlab.com/ce/api/projects.html#list-projects)!

mentioned in merge request !8148 (merged)

mentioned in merge request !8149 (merged)

closed via merge request !8148 (merged)

mentioned in commit ef047d07

This isn't fixed:

Could not fetch https://gitlab.com/api/v3/projects/drutopia%2Fdrutopia%5Fsite/repository/branches, enter your gitlab.com credentials to access private repos A token will be created and stored in "/home/vagrant/.composer/auth.json", your password will never be stored

But https://gitlab.com/drutopia/drutopia_site is a public project. Please fix this on gitlab.com; it's really hurting our efforts to make it easy to get involved in our community project.

mentioned in issue #29662 (closed)

marked the checklist item API::Repositories: !8148 (merged) as completed

marked the checklist item API::Files: !8149 (merged) as completed

We're still not all the way to realizing the broad intent of this issue: #32226 (closed)